Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Degraded Performance + Keylogger


  • Please log in to reply
12 replies to this topic

#1 serob

serob

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:12:25 AM

Posted 25 April 2008 - 10:24 PM

Hi!

Over the last few days I noticed heavy degraded performance and I know I have a keylogger installed but don't know where it is or how to remove it. I would appreciate any help you guys can provide. Thank you!

Here is the latest HJT log i got:Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:23:35 PM, on 4/25/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\WINDOWS\system32\RAMASST.exe
C:\WINDOWS\System32\DVDRAMSV.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\System32\WISPTIS.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Pepi\Desktop\LIMPIARSPY\hijackthis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 125.7.203.168:80
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: IeMonitorBho Class - {8170D7DC-BDD6-461e-88EB-F047257898C9} - C:\Program Files\Conceiva\DownloadStudio\DLMonitr.dll
O3 - Toolbar: &DownloadStudio - {CB789373-04D5-4ef4-9C16-871463FD0830} - C:\Program Files\Conceiva\DownloadStudio\WebDLBar.dll
O3 - Toolbar: Protection Bar - {bf1ced2c-4b3f-4079-a330-864eda5a4cff} - C:\Program Files\QualityCodec\iesplugin.dll (file missing)
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [amva] C:\WINDOWS\system32\amvo.exe
O4 - Startup: hc_tray.lnk = C:\Program Files\DOGKuma Games\hcsystray\hc_tray.exe
O4 - Startup: Tencent QQ.lnk = C:\Program Files\Tencent\QQ\QQ.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: &NeoTrace It! - C:\PROGRA~1\NEOTRA~1\NTXcontext.htm
O8 - Extra context menu item: Add Page To DownloadStudio Scrapbook... - C:\Program Files\Conceiva\DownloadStudio\ds_snap.htm
O8 - Extra context menu item: Add to QQ Customized Emoticons - C:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: Add to QQ Customized Panel - C:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: Download Image Using DownloadStudio... - C:\Program Files\Conceiva\DownloadStudio\ds_img.htm
O8 - Extra context menu item: Download Page Using DownloadStudio... - C:\Program Files\Conceiva\DownloadStudio\ds_all.htm
O8 - Extra context menu item: Download Selection Using DownloadStudio... - C:\Program Files\Conceiva\DownloadStudio\ds_sel.htm
O8 - Extra context menu item: Download Target Using DownloadStudio... - C:\Program Files\Conceiva\DownloadStudio\ds_file.htm
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send Picture with QQ MMS - C:\Program Files\Tencent\QQ\SendMMS.htm
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Show Page Links Using DownloadStudio... - C:\Program Files\Conceiva\DownloadStudio\ds_link.htm
O8 - Extra context menu item: Subscribe To RSS Feed... - C:\Program Files\Conceiva\DownloadStudio\ds_rss.htm
O9 - Extra button: Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - C:\Program Files\VisualRoute\vrie.dll
O9 - Extra 'Tools' menuitem: VisualRoute Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - C:\Program Files\VisualRoute\vrie.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {4D0C4820-53F7-4d79-A2E1-5252683CF69C} - C:\Program Files\Conceiva\DownloadStudio\DownloadStudio.exe
O9 - Extra 'Tools' menuitem: &DownloadStudio - {4D0C4820-53F7-4d79-A2E1-5252683CF69C} - C:\Program Files\Conceiva\DownloadStudio\DownloadStudio.exe
O9 - Extra button: DownloadStudio - {7FCA7BD7-8F4D-4a81-BE72-A470F4E517D5} - C:\Program Files\Conceiva\DownloadStudio\WebDLBar.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - C:\PROGRA~1\NEOTRA~1\NTXtoolbar.htm (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.averatec.com
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} (Support.com Installer) - http://supportsoft.adelphia.net/sdccommon/...ad/tgctlins.cab
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (CEditCtrl Object) - https://img.alipay.com/download/1007/aliedit.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1156293551756
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://212.98.46.120/activex/AxisCamControl.ocx
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: DVD-RAM_Service - Matsubleepa Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Local Security (secsys) - Unknown owner - C:\WINDOWS\Cachewin\secsys.exe (file missing)
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe

--
End of file - 10567 bytes

BC AdBot (Login to Remove)

 


#2 Rahina

Rahina

    Security Helper


  • Members
  • 681 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:08:25 AM

Posted 06 May 2008 - 08:59 AM

Hello!

Please download Malwarebytes' Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2
  • Double-click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • If you have trouble with the update process, please download the latest updates here.
  • Double-click the mbam-rules.exe file on your desktop and let it update the application.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to restart. (see extra note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Please copy and paste the entire report in your next reply. :thumbsup:
Extra note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

==========

Please download Deckard's System Scanner (DSS) and save to your Desktop.
alternate download site

DSS will do the following:
  • Create a new System Restore point in Windows XP and Vista.
  • Clean your Temporary Files, Downloaded Program Files, Internet Cache Files, and empty the Recycle Bin on all drives.
  • Check some important areas of your system and produce a report for me to analyze.
  • Automatically run HijackThis. It will also install and place a shortcut to HijackThis on your desktop if you do not already have it installed. So if HijackThis is not installed and DSS prompts you to download it, please answer yes.
You must be logged onto an account with administrator privileges when using.
  • Close all applications and windows.
  • Double-click on dss.exe to run it and follow the prompts.
  • If your anti-virus or firewall complains, please allow this script to run as it is not
    malicious.
  • When the scan is complete, two text files will open in Notepad:
    • main.txt <- this one will be maximized
    • extra.txt <- this one will be minimized
  • If not, they both can be found in the C:\Deckard\System Scanner folder.
  • Please copy (Ctrl+C) and paste (Ctrl+V) the contents of main.txt and extra.txt in your next reply.
-- When running DSS, some firewalls may warn that it is trying to access the Internet especially if your asked to download the most current version of HijackThis. Please ensure that you allow it permission to do so.
-- If you get a warning from your anti-virus while DSS is scanning, please allow DSS to continue as the scan is not harmful.

[ Antivirus ] [ Firewall ] [ Spywareblaster ] [ Malwarebytes Anti-Malware ] [ Windows update ] [ Firefox ] [ WinPatrol ] [ ATF Cleaner ]

If i have helped you, donate to help me continue helping others. Posted Image
Posted Image Posted Image

#3 serob

serob
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:12:25 AM

Posted 17 May 2008 - 03:00 AM

Dear Rahina,

I appreciate your time. You will find my logs below:
============================================================================
Malwarebytes' Anti-Malware 1.12
Database version: 724

Scan type: Quick Scan
Objects scanned: 46996
Time elapsed: 38 minute(s), 32 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 20
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 36
Files Infected: 1267

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
C:\WINDOWS\system32\amvo0.dll (Trojan.Agent) -> Unloaded module successfully.

Registry Keys Infected:
HKEY_CLASSES_ROOT\Interface\{04a38f6b-006f-4247-ba4c-02a139d5531c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{3c2d2a1e-031f-4397-9614-87c932a848e0} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx.1 (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2b96d5cc-c5b5-49a5-a69d-cc0a30f9028c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\qqiehelper.qqbrowserhelperobject (Trojan.QQHelper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\qqiehelper.qqbrowserhelperobject.1 (Trojan.QQHelper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{aa4939c3-deca-4a48-a454-97cd587c0ef5} (Adware.NetOptimizer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{eee4a2e5-9f56-432f-a6ed-f6f625b551e0} (Adware.NetOptimizer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{23752aa7-cad7-40c2-99ee-7a9cd3c20c6d} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{39732ce5-0ee6-401a-a0b2-27f46b755c5b} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{68e03e39-a4c1-4fe0-87c4-22b029df3e4d} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{68e03e39-a4c1-4fe0-87c4-22b029df3e4d} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ed4ca2e5-0eea-44c1-ad7e-74a07a7507a4} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ed4ca2e5-0eea-44c1-ad7e-74a07a7507a4} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\qq2005 (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0d1cd3af-2071-4a5a-8bff-048d114b1510} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c7c47bd0-b532-4086-9a25-0bad577b5053} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a96c48ea-aa88-4bbd-b58c-7b41146a6eac} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{df7ca90d-fff4-4ef8-aa3b-ff6b95635b99} (Adware.Agent) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\amva (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files\Tencent (Adware.Agent) -> Delete on reboot.
C:\Program Files\Tencent\QQ (Adware.Agent) -> Delete on reboot.
C:\Program Files\Tencent\QQ\Chat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\chatTheme (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQAddrDat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQAddrPlugin (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDialSkin (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\qqedit (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQFileCache (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQPet (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QRingFiles (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QZone (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\SkinBmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\sound (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Chat\Pics (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\images (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MusicPlugin (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\SearchPlugin (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\msg (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\SrvImage (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\msg (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\pay (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Dat\images (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDialSkin\default (Adware.Agent) -> Quarantined and deleted successfully.

Files Infected:
C:\Program Files\Tencent\QQ\ACodec.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\AddEmotion.htm (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\AddPanel.htm (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\AddrImportHelper.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\AddToNetDisk.htm (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\AudioDevice.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\audioengine.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\ausdl.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\AutoLogin.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\BasicCtrlDll.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\BDLiveUpdate.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\BEdit.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\BMate.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\BQQApplication.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\BugReport.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\CameraDll.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\ChatRoom.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\CommBase.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\CommConfig.ini (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\CommercesMng.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\ContactData.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\ContentTab.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Content_Config.ini (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\CPHelper.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\CQQApplication.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\custom_help.htm (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\DialerAllInOne.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\DShared.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\FlashAvatarDll.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\flog.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\GdiPlus.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\GIPSVoiceEngineDLL.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\GroupConnection.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\HDRoom.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\help_01.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\help_02.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\help_03.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\help_04.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\help_05.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\help_10.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\help_11.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\help_13.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\HostingMgr.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\ImageOle.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\ImagePro.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\InPlus.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\InsertOnlineState.htm (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\InterfaceForQQ.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\iphone.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\IPPhone.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Key.ini (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\license.txt (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\LoginCtrl.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\LoginCtrlRes.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\loginsl.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\LongConnection.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\MagicBook.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\MagicFlash.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\MagicShow.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\MagicShowCtrl.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\MailSummary.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Mfc42.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\msvcp60.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkin.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\npkcntc.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\npkcrypt.sys (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\npkcrypt.vxd (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\npkcusb.sys (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\npkpdb.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\OEMApplication.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\OnlineInstall.ini (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\PersonalDesktop.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\PhoneAPI.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\PIMMain.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\qdshm.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QImage.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Qpl.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQ.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQ.smp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQAddr.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQAllInOne.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQAPI.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQAvatar.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBaseClassInDll.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQConfigPlugin.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQCustomFace.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDiskShellMenu.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQexternal.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQFileTransfer.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQGlobal.db (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQGroupDisk.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQGroupMng.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQHangReport.lnk (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQHelperDll.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQIEHelper.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQlog (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQMagicFace.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQMainFrame.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQMMSender.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQMsgFriendMng.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQNetDisk.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQOneClick.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQPet.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQPhoneHelper.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQPlugin.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQRes.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQSceneMng.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQSettingCtrl.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQShowMagic.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQSpace.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQSysMsgMng.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQUdpGetFileLib.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQZip.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QRingMng.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\riched20.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Riched32.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\RoomPanel.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\rv32h323.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\rv32rtp.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\rvcommon.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\SBuddyCall.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\SBuddyFriend.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\SCCore.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Security.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\SendMMS.htm (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\SetupInfo.ini (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\ShareFiles.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\tencent-comlib.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\tencent-proto1.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\tencent-proto2.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\TIMPlatform.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\TIMProxy.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Timwp.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Timwp.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\TWqqAudio.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\TWqqVideo.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\uninst.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\UserDefinedHead.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\v2mail.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\V2MailActiveX.ocx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\vbscript.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\VCodec.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\VideoDevice.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\VoipConfig.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\vphone.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\VqqAllInOne.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\VqqModule.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\vqqsdl.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\vqqset.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\whatsnew.txt (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\WizardCtrl.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Chat\Actions.txt (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\chatTheme\212.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\chatTheme\213.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\chatTheme\221.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\chatTheme\bg1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\chatTheme\bg3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\chatTheme\blueA1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\chatTheme\blueA2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\chatTheme\blueA3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\chatTheme\blueA4.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\chatTheme\blueA5.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\chatTheme\blueA6.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\chatTheme\blueB1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\chatTheme\blueB2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\chatTheme\blueB3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\chatTheme\blueB4.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\chatTheme\blueB5.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\chatTheme\blueB6.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\chatTheme\chatTheme.ini (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\chatTheme\gray1.BMP (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\chatTheme\gray2.BMP (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\chatTheme\gray3.BMP (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\chatTheme\gray4.BMP (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\chatTheme\gray5.BMP (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\chatTheme\gray6.BMP (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\chatTheme\yellow1.BMP (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\chatTheme\yellow2.BMP (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\chatTheme\yellow3.BMP (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\chatTheme\yellow4.BMP (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\chatTheme\yellow5.BMP (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\chatTheme\yellow6.BMP (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\3G.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\ad.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\advgroup_tip.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\bapp_background.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\c2cgroup_tip.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\CityListForFriend.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\connecting_big.swf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\connecting_sm.swf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\cute.1 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\default.mht (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\default_av.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\default_av.swf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\default_av_boy.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\default_av_boy.swf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\default_av_chatroom.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\default_av_chatroom.swf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\default_av_girl.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\default_av_girl.swf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\diamond_b.swf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\diamond_g.swf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\diamond_gb.swf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\diamond_r.swf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\diamond_rb.swf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\diamond_rg.swf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\diamond_rgb.swf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\DistrictCode.txt (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\dot.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\EmbedLink.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\find.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\GAudio_Call.wav (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\GAudio_Receive.wav (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\groupimage.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\GroupLayer.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\GroupVisibleWait.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\im_info.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\infoad.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\KJAVA.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\line.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\load.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\login.swf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\logo.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\manualGet.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\MobileData.txt (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\MqqDef.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\NetClub_24.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\NotFound.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\PetEgg.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\PhoneTypeList.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\Phrase.txt (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\ptt_info.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\QLoveLady.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\QLoveMan.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\QQFlashAvatar_client.swf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\QQFlashAvatar_contain.swf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\QQShowPromoFemale1.swf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\QQShowPromoFemale2.swf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\QQShowPromoMale1.swf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\QQShowPromoMale2.swf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\QuestionList.txt (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\QZoneSysPic.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\RsItemBot.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\RsItemMid.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\RTXIndex.htm (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\rtx_enter.jpg (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\rtx_friend.jpg (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\sendingBmp.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\sendingCF.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\Shield_14.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\SmsMsgFail.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\SmsMsgSending.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\SmsMsgSomeFail.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\SmsMsgSuccess.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\TempSessionUserInfo.htm (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\tipbackground.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\tipbackgroundBig.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\tip_ToolBar_back.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\TMBApp.ini (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\tmbc_tips_bk.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\tocGroup.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\TUserInfoQQ.htm (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\TWWChatAudioNotRead.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\TWWChatAudioReaded.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\TWWChatAudioReading.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\url.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\vipprompt.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\vqqad.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\wait.html (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\waitingmf.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\WAP.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\World.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\images\bg.jpg (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\images\line.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Dat\images\point.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\0.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\1.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\10.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\11.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\12.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\13.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\14.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\15.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\16.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\17.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\18.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\19.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\2.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\20.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\21.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\22.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\23.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\24.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\25.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\26.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\27.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\28.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\29.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\3.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\30.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\31.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\32.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\33.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\34.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\35.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\36.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\37.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\38.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\39.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\4.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\40.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\41.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\42.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\43.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\44.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\45.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\46.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\47.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\48.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\49.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\5.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\50.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\51.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\52.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\53.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\54.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\55.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\56.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\57.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\58.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\59.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\6.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\60.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\61.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\62.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\63.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\64.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\65.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\66.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\67.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\68.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\69.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\7.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\70.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\71.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\72.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\73.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\74.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\75.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\76.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\77.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\78.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\79.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\8.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\80.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\81.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\82.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\83.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\84.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\85.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\86.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\87.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\88.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\89.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\9.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\90.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\91.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\92.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\93.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\94.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\Face\95.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\1-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\10-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\10.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\100-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\100.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\101-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\101.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\102-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\102.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\103-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\103.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\104-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\104.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\105-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\105.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\106-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\106.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\107-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\107.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\108-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\108.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\109-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\109.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\11-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\11.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\110-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\110.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\111-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\111.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\112-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\112.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\113-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\113.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\114-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\114.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\115-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\115.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\116-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\116.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\117-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\117.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\12-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\12.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\13-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\13.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\14-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\14.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\15-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\15.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\16-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\16.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\17-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\17.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\18-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\18.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\19-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\19.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\2-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\20-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\20.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\21-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\21.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\22-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\22.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\23-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\23.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\24-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\24.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\25-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\25.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\26-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\26.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\27-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\27.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\28-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\28.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\29-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\29.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\3-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\30-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\30.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\31-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\31.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\32-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\32.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\33-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\33.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\34-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\34.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\35-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\35.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\36-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\36.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\37-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\37.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\38-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\38.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\39-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\39.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\4-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\4.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\40-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\40.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\41-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\41.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\42-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\42.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\43-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\43.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\44-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\44.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\45-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\45.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\46-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\46.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\47-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\47.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\48-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\48.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\49-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\49.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\5-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\5.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\50-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\50.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\51-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\51.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\52-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\52.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\53-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\53.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\54-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\54.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\55-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\55.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\56-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\56.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\57-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\57.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\58-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\58.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\59-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\59.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\6-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\6.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\60-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\60.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\61-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\61.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\62-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\62.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\63-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\63.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\64-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\64.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\65-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\65.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\66-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\66.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\67-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\67.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\68-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\68.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\69-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\69.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\7-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\7.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\70-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\70.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\71-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\71.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\72-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\72.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\73-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\73.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\74-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\74.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\75-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\75.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\76-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\76.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\77-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\77.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\78-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\78.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\79-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\79.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\8-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\8.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\80-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\80.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\81-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\81.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\82-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\82.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\83-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\83.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\84-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\84.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\85-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\85.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\86-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\86.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\87-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\87.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\88-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\88.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\89-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\89.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\9-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\9.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\90-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\90.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\91-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\91.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\92-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\92.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\93-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\93.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\94-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\94.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\95-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\95.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\96-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\96.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\97-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\97.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\98-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\98.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\99-1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\99.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NEWFACE\face.ini (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\allpanel.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\arrowhead_close.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\arrowhead_open.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\Background.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\BackgroundB.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\BackgroundC.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\BackgroundL.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\BackgroundLB.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\BackgroundLT.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\BackgroundR.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\BackgroundRB.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\BackgroundRT.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\BackgroundT.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\barback2_normal.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\barback2_normal2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\barback2_over.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\barback_disabled.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\barback_normal.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\barback_over.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\bar_down.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\bar_up.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\BlankPanel.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\ChatRoomButton.cur (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\ChatRoomButton.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\click_nor_close.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\click_nor_left.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\click_nor_mid.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\click_nor_open.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\click_nor_right.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\click_over_close.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\click_over_left.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\click_over_mid.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\click_over_open.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\click_over_right.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\CloseButton.cur (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\CloseButton_Down.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\CloseButton_Hover.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\CloseButton_Normal.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\ClosePet.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\ColorButton.cur (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\ColorButton_Down.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\ColorButton_Hover.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\ColorButton_Normal.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\Config.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\ContentsButton.cur (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\ContentsButton.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\CustomButton.cur (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\CustomButton.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\EaseButton.cur (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\EaseButton.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\FolderBackgroundB.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\FolderBackgroundC.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\FolderBackgroundL.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\FolderBackgroundLB.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\FolderBackgroundLT.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\FolderBackgroundR.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\FolderBackgroundRB.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\FolderBackgroundRT.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\FolderBackgroundT.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\FolderButton_Down.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\FolderButton_Hover.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\FolderButton_Normal.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\FolderFillIn.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\FolderScrollbar.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\FolderScrollbar.bmptm (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\FriendButton.cur (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\FriendButton.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\GameButton.cur (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\GameButton.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\HGCClientButton.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\HostingButton.cur (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\HostingButton.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IntegratePanel.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MailButton.cur (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MailButton.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MenuButton.cur (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MenuButton.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MenuButton_Down.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MenuButton_Hover.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MenuButton_Normal.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MinButton.cur (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MinButton_Down.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MinButton_Hover.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MinButton_Normal.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MobileButton.cur (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MobileButton.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MobileMsgButton.cur (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MobileMsgButton.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MsgManagerButton.cur (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MsgManagerButton.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\NetDiskButton.cur (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\NetDiskButton.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\OpenPet.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\payment.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\PushMsgInfo.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\QQhome.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\QQMusicButton.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\QQTVButton.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\RtxButton.cur (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\RtxButton.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\SBuddyButton.cur (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\SBuddyButton.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\SearchButton.cur (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\SearchButton.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\Skin.ini (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\StatusButton.cur (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\StatusButton_Down.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\StatusButton_Hover.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\StatusButton_Normal.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\StatusPic.cur (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\StatusPic.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\StatusPic1.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\StatusPic2.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\StatusPic3.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\ToolBarBackgroundC.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\ToolBarBackgroundL.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\ToolBarBackgroundR.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\TTButton.cur (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\TTButton.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\VBScript.vbs (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\bold.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\color.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\FontBarBK.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\FontBtnNor.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\FontBtnOver.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\groupmanage.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMBigToolBarBackground.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMBigToolbarGame.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMBigToolbarInvite.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMBigToolbarMQQ.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMBigToolbarMusic.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMBigToolbarPlay.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMBigToolbarSendFile.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMBigToolbarVQQ.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMBigToolbarWindow.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMBorderBottom.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMBorderLeft.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMBorderRight.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMBorderTop.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMButton_Default.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMButton_Down.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMButton_Hover.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMButton_Normal.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMCloseButton_Down.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMCloseButton_Hover.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMCloseButton_Normal.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMFriendInfoBackground.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMFriendInfoBackground_big.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMMaxButton_Down.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMMaxButton_Hover.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMMaxButton_Normal.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMMinButton_Down.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMMinButton_Hover.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMMinButton_Normal.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMRestoreButton_Down.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMRestoreButton_Hover.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMRestoreButton_Normal.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMSidebarButtonExpand_Down.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMSidebarButtonExpand_Hover.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMSidebarButtonExpand_Normal.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMSidebarButton_Down.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMSidebarButton_Hover.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMSidebarButton_Normal.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMSidebarMenu_Down.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMSidebarMenu_Hover.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMSidebarMenu_Normal.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMSkin.ini (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMSmallToolbarAction.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMSmallToolbarBackground.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMSmallToolbarCatch.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMSmallToolbarFace.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMSmallToolbarFont.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMSmallToolbarGroup.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMSmallToolbarOtherContent.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMSmallToolbarPicForbid.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMSmallToolbarPicture.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMSmallToolbarPtt.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMSmallToolbarQRing.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMSmallToolbarQuick.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMSmallToolbarScene.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\IMSmallToolbarSearch.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\Italic.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\QZoneDlgAddFriend.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\QZoneDlgBack.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\QZoneDlgBackDisable.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\QZoneDlgCommend.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\QZoneDlgFavorites.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\QZoneDlgForward.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\QZoneDlgForwardDisable.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\QZoneDlgHomePage.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\QZoneDlgInfo.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\QZoneDlgMarket.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\QZoneDlgMyHome.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\QZoneDlgRefresh.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\Send_Love.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\SessionDlgBoring.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\SessionDlgFriend.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\SessionDlgMsgMode.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\statusbar_spinbutton.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\tabBK.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\tabBKAni.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\tabNormal.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\tabPressed.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\tabsel.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\tabunsel.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\toolbarBK.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\underline.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\UserInfoTitle.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\IMSkin\Window.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MusicPlugin\ArrowBottomDown.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MusicPlugin\ArrowBottomNormal.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MusicPlugin\ArrowBottomOver.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MusicPlugin\ArrowTopDown.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MusicPlugin\ArrowTopNormal.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MusicPlugin\ArrowTopOver.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MusicPlugin\BkVert.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MusicPlugin\BUTTON_BK.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MusicPlugin\button_change_down.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MusicPlugin\button_change_nor.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MusicPlugin\button_change_over.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MusicPlugin\button_list_down.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MusicPlugin\button_list_nor.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MusicPlugin\button_lrc_down.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MusicPlugin\button_lrc_nor.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MusicPlugin\button_set_down.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MusicPlugin\button_set_nor.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MusicPlugin\button_set_over.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MusicPlugin\Menu_Bottom.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MusicPlugin\Menu_Close_Click.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MusicPlugin\Menu_Close_Hot.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MusicPlugin\Menu_Close_Nornal.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MusicPlugin\Menu_Left_Border.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MusicPlugin\Menu_Right_Border.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MusicPlugin\mp_channel.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MusicPlugin\mp_channel_active.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MusicPlugin\mp_thumb.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MusicPlugin\mp_thumb_active.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MusicPlugin\MusicPlugin.ini (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MusicPlugin\player_bk.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MusicPlugin\player_click.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MusicPlugin\player_disable.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MusicPlugin\player_hover.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MusicPlugin\player_normal.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MusicPlugin\ScrollText.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MusicPlugin\ThumbVertDwon.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MusicPlugin\ThumbVertNormal.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MusicPlugin\ThumbVertOver.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MusicPlugin\TitleLeft.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MusicPlugin\TitleMiddle.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\MusicPlugin\TitleRight.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\SearchPlugin\searchbg.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\SearchPlugin\searchbg22.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\SearchPlugin\searchbutton_down.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\SearchPlugin\searchbutton_nor.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\SearchPlugin\searchbutton_over.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\SearchPlugin\searchclose_down.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\SearchPlugin\searchclose_nor.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\SearchPlugin\searchclose_over.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\SearchPlugin\searchlist_down.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\SearchPlugin\searchlist_nor.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\SearchPlugin\searchlist_over.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\SearchPlugin\searchmidbg.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\NewSkins\QQ2005\SearchPlugin\SearchPlugin.ini (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\botBtn1_1_left.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\botBtn1_1_mid.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\botBtn1_1_right.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\botBtn1_2_left.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\botBtn1_2_mid.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\botBtn1_2_right.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\botBtn1_3_left.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\botBtn1_3_mid.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\botBtn1_3_right.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\botBtn1_4_left.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\botBtn1_4_mid.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\botBtn1_4_right.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\botBtn1_default_left.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\botBtn1_default_mid.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\botBtn1_default_right.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\botBtn1_dis_left.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\botBtn1_dis_mid.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\botBtn1_dis_right.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\botBtn1_down_left.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\botBtn1_down_mid.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\botBtn1_down_right.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\botBtn1_nor_left.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\botBtn1_nor_mid.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\botBtn1_nor_right.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\botBtn1_over_left.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\botBtn1_over_mid.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\botBtn1_over_right.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\botM.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\clean_down.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\clean_normal.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\clean_over.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\contactdel.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\contactmodify.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\dlgbk.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\dlgtitle.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\dlgtitleclose.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\dlgtitleclose_down.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\dlgtitleclose_nor.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\dlgtitleclose_over.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\dlg_rightbottom.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\droparrow.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\droparrow_nor.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\droparrow_over.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\expand1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\expand2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\grid_head.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\Hand.cur (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\head_girl.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\head_girl_2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\head_man.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\head_man_2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\login_bg_left.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\login_bg_leftb.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\login_bg_leftt.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\login_bg_midb.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\login_bg_right.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\login_bg_rightb.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\login_bg_rightt.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\login_midt.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\login_pic.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\main.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\man_little.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\offline.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\outB.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\outB_left.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\outB_mid.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\outB_right.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\outlm.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\outrm.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\pimico.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\pim_01.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\pim_02.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\pim_03.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\pim_04.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\pim_05.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\sb_bottom.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\sb_m.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\septitle.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\split0.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\split1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\split2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\split3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\tabbg_normal_close.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\tabbg_normal_open.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\tabbg_over_close.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\tabbg_over_open.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\toolbar.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\toolbtn1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\topBtn1_1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\topBtn1_2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\topBtn1_3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\topBtn2_1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\topBtn2_2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\topBtn2_3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\topBtn3_1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\topBtn3_2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\topBtn3_3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\topBtn4_1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\topBtn4_2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\topBtn4_3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\topL.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\topM.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\topR.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\woman_little.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\zm_def.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\zm_down.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\zm_nor.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\pimskin\zm_over.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\config.ini (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\HDConfig.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\HDMsgr.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\ad.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\bb.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\btn1_1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\btn1_2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\btn1_3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\btn1_4.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\btn2_1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\btn2_2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\btn2_3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\btn2_4.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\btn3_1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\btn3_2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\btn3_3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\btn3_4.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\button1_1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\button1_2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\button1_3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\button2_1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\button2_2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\button2_3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\button3_1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\button3_2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\button3_3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\config.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\fg1_1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\fg1_2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\fg1_3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\fg2_1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\fg2_2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\fg2_3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\gray1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\gray2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\gray5.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\gray6.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\Hand.cur (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\ivr_btn_1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\ivr_btn_2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\ivr_btn_3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\lb.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\line1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\line2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\listtop.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\lm.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\mid_bk.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\rb.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\rm.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\separator.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\tab_bk.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\title1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\title2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\title3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\toolbar_bk.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\tool_btn1_1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\tool_btn1_2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\tool_btn1_3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\tool_btn2_1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\tool_btn2_2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\tool_btn2_3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\tool_btn3_1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\tool_btn3_2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\tool_btn3_3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\tool_btn4_1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\tool_btn4_2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\tool_btn4_3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\tool_btn5_1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\tool_btn5_2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\tool_btn5_3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\tool_btn6_1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\tool_btn6_2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\tool_btn6_3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\tool_btn7_1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\tool_btn7_2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\tool_btn7_3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\tool_btn8_1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\tool_btn8_2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\tool_btn8_3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\tool_btn8_gray.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\top_bk.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\tree_bk.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\VBScript.vbs (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\msg\bb.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\msg\btn1_1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\msg\btn1_2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\msg\btn1_3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\msg\btn1_4.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\msg\btn2_1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\msg\btn2_2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\msg\btn2_3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\msg\btn2_4.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\msg\btn3_1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\msg\btn3_2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\msg\btn3_3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\msg\btn3_4.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\msg\config.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\msg\delmsg.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\msg\Hand.cur (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\msg\lb.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\msg\line1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\msg\line2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\msg\listtop.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\msg\listtop_2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\msg\lm.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\msg\midback.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\msg\msg.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\msg\rb.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\msg\rm.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\msg\title1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\msg\title2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\msg\title3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\msg\VBScript.vbs (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\pay\bb.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\pay\btn1_1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\pay\btn1_2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\pay\btn1_3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\pay\btn1_4.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\pay\btn2_1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\pay\btn2_2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\pay\btn2_3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\pay\btn2_4.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\pay\btn3_1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\pay\btn3_2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\pay\btn3_3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\pay\btn3_4.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\pay\config.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\pay\Hand.cur (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\pay\lb.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\pay\lm.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\pay\midback.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\pay\rb.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\pay\rm.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\pay\title1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\pay\title2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\pay\title3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\Def_Skin\pay\VBScript.vbs (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\msg\td_bk.jpg (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QBox\msg\template.htm (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQAddrDat\CityList.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQAddrDat\countrylist.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQAddrDat\mobilelist.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQAddrDat\nation.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQAddrDat\tradelist.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQAddrPlugin\AddrImportAddrBook.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQAddrPlugin\AddrImportCSV.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQAddrPlugin\AddrImportMobilePanel.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQAddrPlugin\AddrImportNetAddress.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQAddrPlugin\AddrImportOutlook.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQAddrPlugin\AddrImportVcf.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Config.ini (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Dat\Profile.html (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Dat\images\bg_01.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Dat\images\line_01.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Dat\images\space.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\botBtn1_1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\botBtn1_2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\botBtn1_3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\botBtn1_4.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\botM.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\config.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\Hand.cur (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\leftBtn1_1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\leftBtn1_2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\leftBtn1_3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\leftL.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\leftM.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\leftR.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\midBtn1_1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\midBtn1_2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\midBtn1_3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\midBtn2_1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\midBtn2_2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\midBtn2_3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\midBtn3_1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\midBtn3_2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\midBtn3_3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\midBtn5_1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\midBtn5_2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\midBtn5_3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\midM.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\midR.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\outB.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\outlm.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\outrm.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\rightPic1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\tabBtn1_1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\tabBtn1_2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\tabBtn1_3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\tabBtn2_1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\tabBtn2_2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\tabBtn2_3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\topBtn1_1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\topBtn1_2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\topBtn1_3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\topBtn2_1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\topBtn2_2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\topBtn2_3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\topBtn3_1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\topBtn3_2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\topBtn3_3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\topBtn4_1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\topBtn4_2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\topBtn4_3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\topL.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\topM.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\topR.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQBuddy\Def_Skin\VBScript.vbs (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDialSkin\default\01bt_mark.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDialSkin\default\01bt_normal.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDialSkin\default\01bt_over.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDialSkin\default\01bt_press.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDialSkin\default\02bt_mark.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDialSkin\default\02bt_normal.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDialSkin\default\02bt_over.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDialSkin\default\02bt_press.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDialSkin\default\03bt_mark.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDialSkin\default\03bt_normal.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDialSkin\default\03bt_over.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDialSkin\default\03bt_press.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDialSkin\default\bar_bg.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDialSkin\default\bar_botton_nor.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDialSkin\default\bar_botton_over.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDialSkin\default\bar_down_nor.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDialSkin\default\bar_down_over.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDialSkin\default\bar_up_nor.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDialSkin\default\bar_up_over.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDialSkin\default\bg02.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDialSkin\default\bg03.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDialSkin\default\bt_close_down.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDialSkin\default\bt_close_nor.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDialSkin\default\bt_close_over.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDialSkin\default\bt_help_down.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDialSkin\default\bt_help_nor.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDialSkin\default\bt_help_over.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDialSkin\default\bt_hide_down.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDialSkin\default\bt_hide_nor.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDialSkin\default\bt_hide_over.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDialSkin\default\button_jl_down.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDialSkin\default\button_jl_nor.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDialSkin\default\button_jl_over.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDialSkin\default\button_lx_down.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDialSkin\default\button_lx_nor.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDialSkin\default\button_lx_over.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDialSkin\default\button_sz_down.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDialSkin\default\button_sz_nor.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDialSkin\default\button_sz_over.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDialSkin\default\config.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQDialSkin\default\VBScript.vbs (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\qqedit\npkcrypt.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\qqedit\npkcrypt.sys (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\qqedit\qqedit.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQPet\BugReport.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQPet\GdiPlus.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQPet\QQPet.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQPet\QQPetCommunity.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQPet\QQPetDazzle.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QQPet\QQPetResDownload.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QRingFiles\1.wav (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QRingFiles\2.wav (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QRingFiles\3.wav (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QRingFiles\4.wav (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QRingFiles\5.wav (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QZone\Mfc42.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QZone\PhotoUploadCtrl.ocx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\QZone\upload.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\SkinBmp\button1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\SkinBmp\button2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\SkinBmp\button3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\SkinBmp\button4.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\SkinBmp\defaultcolor.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\SkinBmp\menu-normal.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\SkinBmp\menu-pass.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\SkinBmp\menu-press.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\SkinBmp\SideBarExtent1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\SkinBmp\SideBarExtent2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\SkinBmp\SideBarExtent3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\SkinBmp\SideBarNormal1.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\SkinBmp\SideBarNormal2.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\SkinBmp\SideBarNormal3.bmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\sound\call.wav (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\sound\folder.wav (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\sound\Global.wav (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\sound\msg.wav (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\sound\ring.wav (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Tencent\QQ\sound\system.wav (Adware.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\amvo.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\amvo0.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\amvo1.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Pepi\Favorites\Online Security Test.url (Rogue.Link) -> Quarantined and deleted successfully.

============================================================================


MAIN

============================================================================

Deckard's System Scanner v20071014.68
Run by Pepi on 2008-05-17 01:50:13
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
73: 2008-05-17 07:51:04 UTC - RP948 - Deckard's System Scanner Restore Point
72: 2008-05-16 19:44:37 UTC - RP947 - Software Distribution Service 3.0
71: 2008-05-16 18:09:12 UTC - RP946 - System Checkpoint
70: 2008-05-15 05:48:54 UTC - RP945 - Software Distribution Service 3.0
69: 2008-05-13 23:44:37 UTC - RP944 - System Checkpoint


-- First Restore Point --
1: 2008-02-16 22:08:34 UTC - RP876 - Software Distribution Service 3.0


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 480 MiB (512 MiB recommended).
System Drive C: has 2.18 GiB (less than 15%) free.


-- HijackThis (run as Pepi.exe) ------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:54:04 AM, on 5/17/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\WINDOWS\System32\DVDRAMSV.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Documents and Settings\Pepi\Desktop\dss.exe
C:\DOCUME~1\Pepi\Desktop\LIMPIA~1\HIJACK~1\Pepi.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 125.7.203.168:80
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: IeMonitorBho Class - {8170D7DC-BDD6-461e-88EB-F047257898C9} - C:\Program Files\Conceiva\DownloadStudio\DLMonitr.dll
O3 - Toolbar: &DownloadStudio - {CB789373-04D5-4ef4-9C16-871463FD0830} - C:\Program Files\Conceiva\DownloadStudio\WebDLBar.dll
O3 - Toolbar: Protection Bar - {bf1ced2c-4b3f-4079-a330-864eda5a4cff} - C:\Program Files\QualityCodec\iesplugin.dll (file missing)
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [amva] C:\WINDOWS\system32\amvo.exe
O4 - Startup: hc_tray.lnk = C:\Program Files\DOGKuma Games\hcsystray\hc_tray.exe
O4 - Startup: Tencent QQ.lnk = C:\Program Files\Tencent\QQ\QQ.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: &NeoTrace It! - C:\PROGRA~1\NEOTRA~1\NTXcontext.htm
O8 - Extra context menu item: Add Page To DownloadStudio Scrapbook... - C:\Program Files\Conceiva\DownloadStudio\ds_snap.htm
O8 - Extra context menu item: Add to QQ Customized Emoticons - C:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: Add to QQ Customized Panel - C:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: Download Image Using DownloadStudio... - C:\Program Files\Conceiva\DownloadStudio\ds_img.htm
O8 - Extra context menu item: Download Page Using DownloadStudio... - C:\Program Files\Conceiva\DownloadStudio\ds_all.htm
O8 - Extra context menu item: Download Selection Using DownloadStudio... - C:\Program Files\Conceiva\DownloadStudio\ds_sel.htm
O8 - Extra context menu item: Download Target Using DownloadStudio... - C:\Program Files\Conceiva\DownloadStudio\ds_file.htm
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send Picture with QQ MMS - C:\Program Files\Tencent\QQ\SendMMS.htm
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Show Page Links Using DownloadStudio... - C:\Program Files\Conceiva\DownloadStudio\ds_link.htm
O8 - Extra context menu item: Subscribe To RSS Feed... - C:\Program Files\Conceiva\DownloadStudio\ds_rss.htm
O9 - Extra button: Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - C:\Program Files\VisualRoute\vrie.dll
O9 - Extra 'Tools' menuitem: VisualRoute Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - C:\Program Files\VisualRoute\vrie.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {4D0C4820-53F7-4d79-A2E1-5252683CF69C} - C:\Program Files\Conceiva\DownloadStudio\DownloadStudio.exe
O9 - Extra 'Tools' menuitem: &DownloadStudio - {4D0C4820-53F7-4d79-A2E1-5252683CF69C} - C:\Program Files\Conceiva\DownloadStudio\DownloadStudio.exe
O9 - Extra button: DownloadStudio - {7FCA7BD7-8F4D-4a81-BE72-A470F4E517D5} - C:\Program Files\Conceiva\DownloadStudio\WebDLBar.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - C:\PROGRA~1\NEOTRA~1\NTXtoolbar.htm (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.averatec.com
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} (Support.com Installer) - http://supportsoft.adelphia.net/sdccommon/...ad/tgctlins.cab
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (CEditCtrl Object) - https://img.alipay.com/download/1007/aliedit.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1156293551756
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://212.98.46.120/activex/AxisCamControl.ocx
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: DVD-RAM_Service - Matsubleepa Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Local Security (secsys) - Unknown owner - C:\WINDOWS\Cachewin\secsys.exe (file missing)
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe

--
End of file - 10327 bytes

-- HijackThis Fixed Entries (C:\DOCUME~1\Pepi\Desktop\LIMPIA~1\HIJACK~1\backups\) --------------------------------------------------------------------------------

backup-20050418-192124-924 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
backup-20050418-192125-119 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
backup-20050418-192125-329 O4 - HKLM\..\Run: [gah95on6] C:\WINDOWS\System32\gah95on6.exe
backup-20050418-192125-417 O15 - Trusted Zone: *.skoobidoo.com (HKLM)
backup-20050418-192125-514 O4 - HKLM\..\Run: [ControlPanel] C:\WINDOWS\System32\cmd32.exe internat.dll,LoadKeyboardProfile
backup-20050418-192125-684 O15 - Trusted Zone: *.slotchbar.com (HKLM)
backup-20050418-192125-883 O15 - Trusted Zone: *.windupdates.com (HKLM)
backup-20050821-155500-139 R3 - Default URLSearchHook is missing
backup-20050821-155500-146 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://sna-srv-eng-01/
backup-20050821-155500-154 O4 - HKLM\..\Run: [NAVNet] "C:\DOCUME~1\Pepi\LOCALS~1\Temp\3.tmp" /m
backup-20050821-155500-278 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
backup-20050821-155500-307 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
backup-20050821-155500-477 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\pjimd.dll/sp.html#55135
backup-20050821-155500-527 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\pjimd.dll/sp.html#55135
backup-20050821-155500-630 O4 - HKLM\..\Run: [mfcxb32.exe] C:\WINDOWS\mfcxb32.exe
backup-20050821-155500-720 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
backup-20050821-155500-893 O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto
backup-20050821-155500-905 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
backup-20051212-010124-393 O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto
backup-20051212-010124-802 O9 - Extra button: Poker.com - {6FDD5236-C9F0-49ef-935D-385F5E21991A} - E:\Poker\Poker.com\poker.exe (file missing)
backup-20051212-101404-275 O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
backup-20051212-101404-555 O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
backup-20051212-101404-741 O4 - HKLM\..\Run: [Lxmqqs] C:\Program Files\Slhcrgu\Wcat.exe
backup-20051212-101404-877 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
backup-20060722-233944-156 O15 - Trusted Zone: www.skymasters.biz
backup-20060722-233944-212 O15 - Trusted Zone: www.archiviosex.net
backup-20060722-233944-245 O17 - HKLM\System\CCS\Services\Tcpip\..\{719A0974-8A5D-4E72-8055-BD4A030BAE7E}: NameServer = 85.255.115.68,85.255.112.118
backup-20060722-233944-262 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.68 85.255.112.118
backup-20060722-233944-310 O17 - HKLM\System\CS1\Services\Tcpip\..\{0D4D6204-A5F8-46D4-AE8E-DFE917F17366}: NameServer = 85.255.115.68,85.255.112.118
backup-20060722-233944-316 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.68 85.255.112.118
backup-20060722-233944-324 O17 - HKLM\System\CS2\Services\Tcpip\..\{0D4D6204-A5F8-46D4-AE8E-DFE917F17366}: NameServer = 85.255.115.68,85.255.112.118
backup-20060722-233944-341 O15 - Trusted Zone: www.redfunny.com
backup-20060722-233944-648 O17 - HKLM\System\CCS\Services\Tcpip\..\{76E29002-92E5-4218-A7D6-CCECC6D984A5}: NameServer = 85.255.115.68,85.255.112.118
backup-20060722-233944-801 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.68 85.255.112.118
backup-20060722-233944-859 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
backup-20060722-233944-978 O17 - HKLM\System\CCS\Services\Tcpip\..\{0D4D6204-A5F8-46D4-AE8E-DFE917F17366}: NameServer = 85.255.115.68,85.255.112.118
backup-20060722-233944-980 O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe

-- File Associations -----------------------------------------------------------

.reg - regfile - shell\open\command - regedit.exe "%1" %*
.scr - scrfile - shell\open\command - "%1" %*


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 BsStor (B.H.A Storage Helper Driver) - c:\windows\system32\drivers\bsstor.sys <Not Verified; B.H.A Co.,Ltd.; >
R1 cdrbsvsd - c:\windows\system32\drivers\cdrbsvsd.sys <Not Verified; B.H.A Corporation; B's Recorder GOLD7>
R1 meiudf - c:\windows\system32\drivers\meiudf.sys <Not Verified; Matsubleepa Electric Industrial Co.,Ltd.; >
R1 PQNTDrv - c:\windows\system32\drivers\pqntdrv.sys <Not Verified; PowerQuest Corporation; PowerQuest product>
R2 BTSLBCSP (Bluetooth Port Client Driver) - c:\windows\system32\drivers\btslbcsp.sys <Not Verified; Broadcom Corporation.; Bluetooth Software 5.1.0.2100>

S3 btwhid - c:\windows\system32\drivers\btwhid.sys <Not Verified; Broadcom Corporation.; Bluetooth Software 5.1.0.2100>
S3 Mortondrv2006 - c:\program files\wlogs\hxdefdrv.sys (file missing)
S3 MS1000 - c:\windows\system32\drivers\ms1000.sys
S3 NTSIM - c:\windows\system32\ntsim.sys <Not Verified; VIA Networking, Inc.; Network Device Monitor Utility>
S3 tcpip_patcher - c:\program files\ares\tcpip_patcher.sys (file missing)
S3 VIASens (Vinyl Sensaura WDM 3D Audio Driver) - c:\windows\system32\drivers\viasens.sys <Not Verified; Sensaura Ltd; >


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 CCALib8 (Canon Camera Access Library 8) - c:\program files\canon\cal\calmain.exe <Not Verified; Canon Inc.; >
R2 DVD-RAM_Service - c:\windows\system32\dvdramsv.exe <Not Verified; Matsubleepa Electric Industrial Co., Ltd.; >

S2 secsys (Local Security) - c:\windows\cachewin\secsys.exe (file missing)
S3 rpcapd (Remote Packet Capture Protocol v.0 (experimental)) - "c:\program files\winpcap\rpcapd.exe" -d -f "c:\program files\winpcap\rpcapd.ini" <Not Verified; CACE Technologies; Remote Packet Capture Daemon>


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Files created between 2008-04-17 and 2008-05-17 -----------------------------

2008-05-13 19:50:02 102954 -r-hs---- C:\uq9peya.bat
2008-05-13 19:49:31 70656 -r-hs---- C:\WINDOWS\system32\amvo0.dll
2008-05-13 19:49:31 102954 -r-hs---- C:\WINDOWS\system32\amvo.exe
2008-05-06 09:55:42 0 d-------- C:\Documents and Settings\Pepi\Application Data\Malwarebytes
2008-05-06 09:55:34 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-05-06 09:55:32 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-05-02 17:54:05 0 d--h----- C:\Documents and Settings\All Users\Application Data\CanonBJ
2008-04-25 21:57:06 5376 --a------ C:\WINDOWS\system32\drivers\MS1000.sys
2008-04-25 21:55:24 0 d-------- C:\Program Files\The Cleaner Free
2008-04-24 11:28:48 0 dr-h----- C:\Documents and Settings\Pepi\Recent
2008-04-17 16:01:42 0 d-------- C:\Documents and Settings\Pepi\Application Data\mIRC
2008-04-17 16:01:39 0 d-------- C:\Program Files\mIRC


-- Find3M Report ---------------------------------------------------------------

2008-05-11 22:05:46 0 d-------- C:\Documents and Settings\Pepi\Application Data\Skype
2008-04-01 17:41:54 103182 -r-hs---- C:\mvxm.cmd
2008-03-31 14:57:18 103704 -r-hs---- C:\q.com
2008-03-23 16:41:17 0 d-------- C:\Program Files\DOSBox-0.72
2008-03-21 22:24:19 0 d-------- C:\Documents and Settings\Pepi\Application Data\Real


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [04/24/2003 11:51 AM]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [04/24/2003 11:44 AM]
"RemoteControl"="C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [10/31/2003 09:42 PM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [02/16/2007 09:54 AM]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [01/08/2006 02:30 AM]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [12/10/2005 08:57 AM]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [07/09/2001 10:50 AM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [03/14/2007 06:05 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [07/12/2007 04:00 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PowerBar"="" []
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 01:56 AM]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [01/19/2007 11:54 AM]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [08/30/2007 05:43 PM]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 10:24 AM]
"ares"="C:\Program Files\Ares\Ares.exe" []
"amva"="C:\WINDOWS\system32\amvo.exe" [04/12/2008 10:27 AM]

C:\Documents and Settings\Pepi\Start Menu\Programs\Startup\
hc_tray.lnk - C:\Program Files\DOGKuma Games\hcsystray\hc_tray.exe [4/26/2007 1:49:20 PM]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdaptecDirectCD]
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
"C:\Program Files\Ares\Ares.exe" -h

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DownloadStudio]
C:\Program Files\Conceiva\DownloadStudio\DownloadStudioScheduleMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eMule Acceleration Patch]
C:\Documents and Settings\All Users\Start Menu\Programs\eMule Acceleration Patch\eMule Acceleration Patch.lnk

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
"C:\Program Files\Google\Google Talk\googletalk.exe" /autostart

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3]
"C:\Program Files\MessengerPlus! 3\MsgPlus.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SystemKey]


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1c8179f2-f9b9-11dc-821f-00404518ef7c}]
AutoRun\command- F:\uq9peya.bat
explore\Command- F:\uq9peya.bat
open\Command- F:\uq9peya.bat




-- End of Deckard's System Scanner: finished at 2008-05-17 01:55:04 ------------

============================================================================

EXTRA

============================================================================

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: mobile AMD Athlon™ XP-M (LV) 2000+
Percentage of Memory in Use: 59%
Physical Memory (total/avail): 479.48 MiB / 192.21 MiB
Pagefile Memory (total/avail): 1125.14 MiB / 943.72 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1917.25 MiB

C: is Fixed (NTFS) - 34.18 GiB total, 2.18 GiB free.
D: is CDROM (No Media)
E: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - IC25N040ATMR04-0 - 37.26 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 34.18 GiB - C:
\PARTITION1 - Extended Partition - 3.08 GiB



-- Security Center -------------------------------------------------------------

AUOptions is set to notify before install.
Windows Internal Firewall is enabled.


[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Messenger"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\Ares\\Ares.exe"="C:\\Program Files\\Ares\\Ares.exe:*:Enabled:Ares p2p for windows"
"C:\\Documents and Settings\\Pepi\\My Documents\\mIRC\\mirc.exe"="C:\\Documents and Settings\\Pepi\\My Documents\\mIRC\\mirc.exe:*:Enabled:mIRC"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\mIRC\\mirc.exe"="C:\\Program Files\\mIRC\\mirc.exe:*:Enabled:mIRC"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype. Take a deep breath "


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Pepi\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.5.0_03\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=PEPILAPTOP
ComSpec=C:\WINDOWS\system32\cmd.exe
FCOM_INSTALL_DIR=Airbus\Fcom
FCOM_INSTALL_DRIVE=C:
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Pepi
LOGONSERVER=\\PEPILAPTOP
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\Common Files\Adaptec Shared\System;C:\Program Files\QuickTime\QTSystem"
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 10 Stepping 0, AuthenticAMD
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0a00
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.5.0_03\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Pepi\LOCALS~1\Temp
TMP=C:\DOCUME~1\Pepi\LOCALS~1\Temp
USER=sd
USERDOMAIN=PEPILAPTOP
USERNAME=Pepi
USERPROFILE=C:\Documents and Settings\Pepi
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Pepi (admin)
Casa
Administrator (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
AC3Filter (remove only) --> C:\Program Files\AC3Filter\uninstall.exe
Accurate Outlook Express Mail Expert 3.2 --> "C:\Program Files\Accurate Outlook Express Mail Expert\unins000.exe"
Ad-Aware SE Personal --> C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Photoshop 7.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll"
Adobe Reader 6.0.1 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A00000000001}
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Airbus - Fcom Oeb Consultation Tool --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Airbus\Fcom\Uninst\setup.exe" anything
ANYCOM USB-200/250 Bluetooth Software --> MsiExec.exe /X{3F4EC965-28EF-45C3-B063-04B25D4E9679}
BCM Wireless Network Adapter --> C:\WINDOWS\system32\BCMWLU00.exe verbose
BHA B's Recorder GOLD BASIC 7.13 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{36D00AE6-69DE-4087-A1A9-84ADD10E5530}\Setup.exe" -l0x9
Canon Camera Access Library --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CAL\Uninst.ini"
Canon Camera Support Core Library --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CSCLIB\Uninst.ini"
Canon Camera Window DC_DV 5 for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC\Uninst.ini"
Canon Camera Window DC_DV 6 for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC6\Uninst.ini"
Canon Camera Window MC 6 for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowMC\Uninst.ini"
Canon G.726 WMP-Decoder --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\G726Decoder\G726DecUnInstall.ini"
Canon MovieEdit Task for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\MVWUninst.ini"
Canon RAW Image Task for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\RAW Image Task\Uninst.ini"
Canon RemoteCapture Task for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\RemoteCaptureTask DC\Uninst.ini"
Canon Utilities EOS Utility --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\EOS Utility\Uninst.ini"
Canon Utilities PhotoStitch --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\PhotoStitch\Uninst.ini"
Canon Utilities ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\Uninst.ini"
CC Network Video Client --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\CCVidCL.INF, DefaultUninstall
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
CleanUp! --> C:\Program Files\CleanUp!\uninstall.exe
Core FTP LE 2.0 --> C:\PROGRA~1\CoreFTP\UNWISE.EXE C:\PROGRA~1\CoreFTP\INSTALL.LOG
CutePDF Writer 2.2 --> C:\WINDOWS\System32\uninscpw.exe C:\Program Files\
DivX --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DownloadStudio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0525DC74-9635-4A6F-A7CD-9AAC9D9959FD}\setup.exe" -l0x9 -removeonly
DVD-RAM Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}\Setup.exe" DVD-RAM Driver
DVD Solution --> "C:\Program Files\Uninstall_CDS.exe"
DYMO Label Software --> C:\PROGRA~1\DYMOLA~1\UNINSTAL.EXE /U C:\PROGRA~1\DYMOLA~1\INSTALL.LOG
Easy CD Creator 5 Basic --> MsiExec.exe /I{609F7AC8-C510-11D4-A788-009027ABA5D0}
emu8086 microprocessor emulator --> "c:\emu8086\unins000.exe"
eMule --> "C:\Program Files\eMule\Uninstall.exe"
Excel Key Demo --> C:\PROGRA~1\Passware\demos\UNWISE.EXE /U C:\PROGRA~1\Passware\demos\xlkey.log
FAA Test Prep --> C:\PROGRA~1\FAATP42\UNWISE.EXE C:\PROGRA~1\FAATP42\INSTALL.LOG
Faros Freeplay FMGS for A340 --> C:\PROGRA~1\Faros\A340FMGS\UNWISE.EXE C:\PROGRA~1\Faros\A340FMGS\INSTALL.LOG
FLV Player 1.3.3 --> "C:\Program Files\FLVPlayer\uninstall.exe"
Gleim's FAA Test Prep 4.2 --> C:\Program Files\FAATP42\Unwise.exe
GNS 480 Simulator --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63E2EC92-0B96-46A0-B7E9-715D3ECA2546}\setup.exe"
Google Earth --> MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
HighMAT Extension to Microsoft Windows XP CD Writing Wizard --> MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
HijackThis 2.0.2 --> "C:\Documents and Settings\Pepi\Desktop\LIMPIARSPY\hijackthis\HijackThis.exe" /uninstall
hkSFV (remove only) --> "C:\Program Files\hkSFV\uninst.exe"
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
iTunes --> MsiExec.exe /I{AB90749C-7422-4580-8A7A-66CC5E9E5F98}
J2SE Runtime Environment 5.0 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150030}
Java 2 SDK, SE v1.4.2_04 --> MsiExec.exe /I{35A3A4F4-B792-11D6-A78A-00B0D0142040}
Java™ 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java™ SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Lexmark Z600 Series --> C:\WINDOWS\System32\spool\drivers\w32x86\3\LXBCUN5C.EXE -dLexmark Z600 Series
LimeWire PRO 4.12.3 --> "C:\Program Files\LimeWire\uninstall.exe"
Logitech Gaming Software --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B9242864-2841-4ADE-86E0-8F90F91B04DD}\setup.exe" -l0x9
Macromedia Dreamweaver MX --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B4AB829-DFD3-436D-B808-D9733D76C590}\Setup.exe" -l0x9 mmUninstall
Macromedia Extension Manager --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A5BA14E0-7384-11D4-BAE7-00409631A2C8}\setup.exe" -l0x9 mmUninstall
Macromedia Fireworks MX --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{930B2432-43D4-11D5-9871-00C04F8EEB39}\Setup.exe" -l0x9 UNINSTALL
Macromedia Flash MX --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3BE480ED-E17A-431A-981C-5C2EDDBCD3BF}\Setup.exe" -l0x9 UNINSTALL
Macromedia FreeHand 10 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4D826618-59C6-11D4-976E-00C04F8EEB39}\Setup.exe" -l0x9 UNINSTALL
Macromedia Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
MD5 for Win32 --> MsiExec.exe /I{E6F88942-A3EE-11D6-862E-0050BF643EE7}
Messenger Plus! 3 --> "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /Remove
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Flight Simulator 2004 A Century of Flight --> "C:\Program Files\Microsoft Games\Flight Simulator 9\UNINSTAL.EXE" /runtemp /addremove
Microsoft Network Guide --> MsiExec.exe /I{2F30A886-DC9F-4C4D-8CE5-124388C82943}
Microsoft Office FrontPage 2003 --> MsiExec.exe /I{90170409-6000-11D3-8CFE-0150048383C9}
Microsoft Office Small Business Edition 2003 --> MsiExec.exe /I{91CA0C0A-6000-11D3-8CFE-0150048383C9}
Microsoft PowerPoint Viewer 97 --> C:\Program Files\PowerPoint Viewer\setup\setup.exe
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Windows Journal Viewer --> MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA7}
mIRC --> C:\Program Files\mIRC\uninstall.exe _?=C:\Program Files\mIRC
Mozilla Firefox (2.0.0.14) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN Music Assistant --> rundll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\msninst.inf,Uninstall
Multimedia Launcher --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
NeoTrace Pro 3.25 Trial --> C:\PROGRA~1\NEOTRA~1\UNWISE.EXE C:\PROGRA~1\NEOTRA~1\INSTALL.LOG
Nero 6 Ultra Edition --> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Office Animation Runtime --> MsiExec.exe /X{AEEB3643-71DE-414d-9E3F-1159177FE211}
Opera 9.02 --> MsiExec.exe /X{738179D8-3D76-4AFF-A7BE-AEF3B4370CB4}
Panda ActiveScan --> C:\WINDOWS\system32\ASUninst.exe Panda ActiveScan
PokerRoom.com (remove only) --> "E:\pokeroom\PokerRoom.com\uninst.exe"
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
PowerQuest PartitionMagic 8.0 Demo --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}
Prepware 8 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8833B3BE-3422-41A9-A52D-CCAB3CB159CA}\Setup.exe"
Prepware 9 --> MsiExec.exe /I{A4A47847-9A3F-4C81-BFE8-B91B3F0F59C1}
QuickTime --> MsiExec.exe /I{5E863175-E85D-44A6-8968-82507D34AE7F}
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
RogueRemover 1.17 --> C:\Program Files\RogueRemover\uninst.exe
S3 S3Display --> vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Display'
S3 S3Gamma2 --> vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Gamma2'
S3 S3Info2 --> vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Info2'
S3 S3Overlay --> vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Overlay'
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Step By Step Interactive Training (KB898458) --> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Skype 3.5 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Smart Link 56K Modem --> C:\WINDOWS\Modio\SLAMR2KV\Setup.exe /Remove
SmartFTP Client --> MsiExec.exe /I{11C762F9-95EA-486A-A8E7-683A50C231C1}
StatPlusV2 --> C:\WINDOWS\IsUninst.exe -fC:\Berk-Carey\Uninst.isu
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
The Cleaner 5 --> "C:\Program Files\The Cleaner Free\unins000.exe"
UniChrome Graphics Driver and Utilities --> C:\PROGRA~1\S3\S3\s3setvga.exe -s -fC:\PROGRA~1\S3\S3\S3.uns
VIA Audio Driver Setup Program --> RunDll32.exe UnAudioNT.dll,UninstallAudio C:\WINDOWS\IsUninst.exe -f"C:\PROGRA~1\VIATEC~1\VIAAUD~1/Uninst.isu"
VideoCAM GE111 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{088B7BF8-AC95-4348-B77B-619AEB3A74A5} /l1033
VisualRoute --> "C:\Program Files\VisualRoute\Uninstall.exe" "C:\Program Files\VisualRoute"
Windows Live Messenger --> MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WinPcap 3.1 --> "C:\Program Files\WinPcap\Uninstall.exe" "C:\Program Files\WinPcap\install.log"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
WinSCP 3.7.6 --> "C:\Program Files\WinSCP3\unins000.exe"
XviD 1.1 final uninstall --> "C:\Program Files\XviD\unins000.exe"
Yahoo! Install Manager --> C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL
Yahoo! Messenger --> C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG


-- Application Event Log -------------------------------------------------------

Event Record #/Type14538 / Success
Event Submitted/Written: 05/16/2008 11:23:20 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type14531 / Success
Event Submitted/Written: 05/16/2008 01:34:33 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type14511 / Success
Event Submitted/Written: 05/14/2008 01:22:30 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type14467 / Success
Event Submitted/Written: 05/12/2008 03:53:17 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type14460 / Error
Event Submitted/Written: 05/11/2008 04:50:00 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application wmplayer.exe, version 11.0.5721.5145, hang module hungapp, version 0.0.0.0, hang address 0x00000000.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type46697 / Error
Event Submitted/Written: 05/17/2008 01:54:29 AM
Event ID/Source: 7016 / Service Control Manager
Event Description:
The SmartLinkService service has reported an invalid current state 0.

Event Record #/Type46691 / Error
Event Submitted/Written: 05/16/2008 11:16:10 PM
Event ID/Source: 1002 / Dhcp
Event Description:
The IP address lease 192.168.0.102 for the Network Card with network address 00904B784E1E has been
denied by the DHCP server 172.17.1.1 (The DHCP Server sent a DHCPNACK message).

Event Record #/Type46663 / Warning
Event Submitted/Written: 05/16/2008 11:50:45 AM
Event ID/Source: 20 / Print
Event Description:
Printer Driver hp officejet 6100 series for Windows NT x86 Version-3 was added or updated. Files:- hpz2ku07.dll, hpzntp07.dll, hpop6107.dat, hpocaspr.hlp, hpzcin06.exe, hpzscr07.dll, hpzcfg07.exe, hpzcoi07.dll, hpzcon07.dll, hpzeng07.exe, hpzflt07.dll, hpzimc07.dll, hpzime07.dll, hpzjui07.dll, hpzlnt07.dll, hpzpcl07.dll, hpzpre07.exe, hpzr3207.dll, hpzres07.dll, hpzrp307.dll, hpzslk07.dll, hpzsnt07.dll, hpzstc07.exe, hpzstw07.exe, hpztbi07.dll, hpztbu07.exe, hpztbx07.exe, hpzvip07.dll, hpocabpr.hlp, hpocahpr.hlp, hpocampr.hlp, hpop1007.dat, hpop1107.dat, hpop1207.dat, hpop2207.dat, hpop2107.dat, hpop2007.dat, hpopd907.dat, hpop4007.dat, hpop4107.dat.

Event Record #/Type46662 / Warning
Event Submitted/Written: 05/16/2008 11:49:32 AM
Event ID/Source: 20 / Print
Event Description:
Printer Driver hp officejet 6100 series for Windows NT x86 Version-3 was added or updated. Files:- hpz2ku07.dll, hpzntp07.dll, hpop6107.dat, hpocaspr.hlp, hpzcin06.exe, hpzscr07.dll, hpzcfg07.exe, hpzcoi07.dll, hpzcon07.dll, hpzeng07.exe, hpzflt07.dll, hpzimc07.dll, hpzime07.dll, hpzjui07.dll, hpzlnt07.dll, hpzpcl07.dll, hpzpre07.exe, hpzr3207.dll, hpzres07.dll, hpzrp307.dll, hpzslk07.dll, hpzsnt07.dll, hpzstc07.exe, hpzstw07.exe, hpztbi07.dll, hpztbu07.exe, hpztbx07.exe, hpzvip07.dll, hpocabpr.hlp, hpocahpr.hlp, hpocampr.hlp, hpop1007.dat, hpop1107.dat, hpop1207.dat, hpop2207.dat, hpop2107.dat, hpop2007.dat, hpopd907.dat, hpop4007.dat, hpop4107.dat.

Event Record #/Type46596 / Error
Event Submitted/Written: 05/14/2008 00:45:25 PM
Event ID/Source: 1002 / Dhcp
Event Description:
The IP address lease 192.168.0.102 for the Network Card with network address 00904B784E1E has been
denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).



-- End of Deckard's System Scanner: finished at 2008-05-17 01:55:04 ------------


============================================================================

#4 Rahina

Rahina

    Security Helper


  • Members
  • 681 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:08:25 AM

Posted 18 May 2008 - 02:55 PM

Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix


Please ensure you read this guide carefully and install the Recovery Console first.

The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.

Once installed, you should see a blue screen prompt that says:

The Recovery Console was successfully installed.

Please continue as follows:
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Click Yes to allow ComboFix to continue scanning for malware.
When the tool is finished, it will produce a report for you.

Please include the following reports for further review, and so we may continue cleansing the system:

C:\ComboFix.txt
New HijackThis log.

[ Antivirus ] [ Firewall ] [ Spywareblaster ] [ Malwarebytes Anti-Malware ] [ Windows update ] [ Firefox ] [ WinPatrol ] [ ATF Cleaner ]

If i have helped you, donate to help me continue helping others. Posted Image
Posted Image Posted Image

#5 serob

serob
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:12:25 AM

Posted 27 May 2008 - 09:50 PM

Thank you Rahina,

Here are the logs you requested.

=============================================


COMBOFIX

=============================================

ComboFix 08-05-27.4 - Pepi 2008-05-27 20:20:42.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.200 [GMT -6:00]
Running from: C:\Documents and Settings\Pepi\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Pepi\Desktop\WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Autorun.inf
C:\WINDOWS\system32\amvo.exe
C:\WINDOWS\system32\amvo0.dll

.
((((((((((((((((((((((((( Files Created from 2008-04-28 to 2008-05-28 )))))))))))))))))))))))))))))))
.

2008-05-19 00:40 . 2008-05-19 00:40 <DIR> d-------- C:\Program Files\Xineo Pilot Logbook
2008-05-13 19:50 . 2008-04-12 10:27 102,954 -r-hs---- C:\uq9peya.bat
2008-05-06 11:43 . 2008-05-06 11:43 <DIR> d-------- C:\Deckard
2008-05-06 09:55 . 2008-05-06 09:55 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-05-06 09:55 . 2008-05-06 09:55 <DIR> d-------- C:\Documents and Settings\Pepi\Application Data\Malwarebytes
2008-05-06 09:55 . 2008-05-06 09:55 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-05-06 09:55 . 2008-05-05 20:46 27,048 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-05-06 09:55 . 2008-05-05 20:46 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-05-02 17:54 . 2008-05-02 17:54 <DIR> d--h----- C:\Documents and Settings\All Users\Application Data\CanonBJ

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-28 02:10 --------- d-----w C:\Documents and Settings\Pepi\Application Data\Skype
2008-05-04 22:01 --------- d-----w C:\Documents and Settings\Pepi\Application Data\mIRC
2008-05-04 21:56 --------- d-----w C:\Program Files\mIRC
2008-04-28 16:31 --------- d-----w C:\Program Files\The Cleaner Free
2008-04-26 03:57 5,376 ----a-w C:\WINDOWS\system32\drivers\MS1000.sys
2008-04-01 23:41 103,182 --sh--r C:\mvxm.cmd
2008-03-31 20:57 103,704 --sh--r C:\q.com
2008-03-27 08:12 151,583 ----a-w C:\WINDOWS\system32\msjint40.dll
2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-01 13:06 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2006-06-22 04:24 4,225,744 ----a-w C:\Documents and Settings\Pepi\Limewire Lime Wire Pro 4.12.3.exe
2006-02-14 00:27 61 --sh--w C:\WINDOWS\cnerolf.dat
2005-09-10 22:44 66,936 --sha-w C:\WINDOWS\dlinfo_0.drv
1999-04-23 22:22 12 --sha-w C:\WINDOWS\system\WININETICMP32.drv
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{BF1CED2C-4B3F-4079-A330-864EDA5A4CFF}"= "C:\Program Files\QualityCodec\iesplugin.dll" [ ]

[HKEY_CLASSES_ROOT\clsid\{bf1ced2c-4b3f-4079-a330-864eda5a4cff}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PowerBar"="" []
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 01:56 15360]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 11:54 5674352]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2007-08-30 17:43 4670704]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 10:24 1694208]
"ares"="C:\Program Files\Ares\Ares.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2003-04-24 11:51 110592]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2003-04-24 11:44 610304]
"RemoteControl"="C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [2003-10-31 21:42 32768]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-02-16 09:54 282624]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2006-01-08 02:30 180269]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2005-12-10 08:57 133016]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-03-14 18:05 257088]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00 132496]

C:\Documents and Settings\Pepi\Start Menu\Programs\Startup\
hc_tray.lnk - C:\Program Files\DOGKuma Games\hcsystray\hc_tray.exe [2007-04-26 13:49:20 31944]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-08-18 16:38:40 561213]
RAMASST.lnk - C:\WINDOWS\system32\RAMASST.exe [2004-02-25 11:36:32 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"MSACM.g721adpcm"= g721ad32.acm
"vidc.ir32"= C:\WINDOWS\system32\ir32_32.dll
"vidc.ir31"= C:\WINDOWS\system32\ir32_32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdaptecDirectCD]
--a------ 2006-03-14 14:33 684032 C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
C:\Program Files\Ares\Ares.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DownloadStudio]
--a------ 2005-12-08 21:34 163840 C:\Program Files\Conceiva\DownloadStudio\DownloadStudioScheduleMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eMule Acceleration Patch]
--a------ 2006-03-02 15:44 1816 C:\Documents and Settings\All Users\Start Menu\Programs\eMule Acceleration Patch\eMule Acceleration Patch.lnk

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
C:\Program Files\Google\Google Talk\googletalk.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3]
--a------ 2006-01-14 11:06 190024 C:\Program Files\MessengerPlus! 3\MsgPlus.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--a------ 2004-10-13 10:24 1694208 C:\Program Files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SystemKey]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
--a------ 2007-08-30 17:43 4670704 C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\mIRC\\mirc.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 BsStor;B.H.A Storage Helper Driver;C:\WINDOWS\system32\drivers\BsStor.sys [2002-06-06 03:07]
S2 secsys;Local Security;C:\WINDOWS\Cachewin\secsys.exe []
S3 Mortondrv2006;Mortondrv2006;c:\Program Files\Wlogs\hxdefdrv.sys []
S3 PAC207;VideoCAM GE111;C:\WINDOWS\system32\DRIVERS\pfc027.sys [2005-04-08 10:46]
S3 tcpip_patcher;tcpip_patcher;C:\Program Files\Ares\tcpip_patcher.sys []
S3 VIASens;Vinyl Sensaura WDM 3D Audio Driver;C:\WINDOWS\system32\drivers\viasens.sys [2003-11-07 09:07]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1c8179f2-f9b9-11dc-821f-00404518ef7c}]
\Shell\AutoRun\command - F:\uq9peya.bat
\Shell\explore\Command - F:\uq9peya.bat
\Shell\open\Command - F:\uq9peya.bat

*Newly Created Service* - CATCHME
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-27 20:32:32
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
PowerBar = ????????????,?@?,?@?D?????A~??????????????A~,?@?,?@????? ???????????W?D~??A~??????A~K?A~x???????[?A~???????? ??????????????|x???0???????????? st??A~????????????????*]??????R???????,?@?,?@?????Q?B~????4?@?????,?@???@?,?@?3??s??????????????????????@?_??s??@???@

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-05-27 20:43:28
ComboFix-quarantined-files.txt 2008-05-28 02:42:47
ComboFix2.txt 2008-02-01 19:30:44

Pre-Run: 2,849,755,136 bytes free
Post-Run: 2,981,773,312 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

136 --- E O F --- 2008-05-16 19:48:21



=============================================


HJT

=============================================

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:48:09 PM, on 5/27/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\WINDOWS\system32\RAMASST.exe
C:\WINDOWS\System32\DVDRAMSV.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\Pepi\Desktop\LIMPIARSPY\hijackthis\HijackThis.exe
C:\Program Files\Mozilla Firefox\firefox.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 125.7.203.168:80
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: IeMonitorBho Class - {8170D7DC-BDD6-461e-88EB-F047257898C9} - C:\Program Files\Conceiva\DownloadStudio\DLMonitr.dll
O3 - Toolbar: &DownloadStudio - {CB789373-04D5-4ef4-9C16-871463FD0830} - C:\Program Files\Conceiva\DownloadStudio\WebDLBar.dll
O3 - Toolbar: Protection Bar - {bf1ced2c-4b3f-4079-a330-864eda5a4cff} - C:\Program Files\QualityCodec\iesplugin.dll (file missing)
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - Startup: hc_tray.lnk = C:\Program Files\DOGKuma Games\hcsystray\hc_tray.exe
O4 - Startup: Tencent QQ.lnk = C:\Program Files\Tencent\QQ\QQ.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: &NeoTrace It! - C:\PROGRA~1\NEOTRA~1\NTXcontext.htm
O8 - Extra context menu item: Add Page To DownloadStudio Scrapbook... - C:\Program Files\Conceiva\DownloadStudio\ds_snap.htm
O8 - Extra context menu item: Add to QQ Customized Emoticons - C:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: Add to QQ Customized Panel - C:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: Download Image Using DownloadStudio... - C:\Program Files\Conceiva\DownloadStudio\ds_img.htm
O8 - Extra context menu item: Download Page Using DownloadStudio... - C:\Program Files\Conceiva\DownloadStudio\ds_all.htm
O8 - Extra context menu item: Download Selection Using DownloadStudio... - C:\Program Files\Conceiva\DownloadStudio\ds_sel.htm
O8 - Extra context menu item: Download Target Using DownloadStudio... - C:\Program Files\Conceiva\DownloadStudio\ds_file.htm
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send Picture with QQ MMS - C:\Program Files\Tencent\QQ\SendMMS.htm
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Show Page Links Using DownloadStudio... - C:\Program Files\Conceiva\DownloadStudio\ds_link.htm
O8 - Extra context menu item: Subscribe To RSS Feed... - C:\Program Files\Conceiva\DownloadStudio\ds_rss.htm
O9 - Extra button: Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - C:\Program Files\VisualRoute\vrie.dll
O9 - Extra 'Tools' menuitem: VisualRoute Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - C:\Program Files\VisualRoute\vrie.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {4D0C4820-53F7-4d79-A2E1-5252683CF69C} - C:\Program Files\Conceiva\DownloadStudio\DownloadStudio.exe
O9 - Extra 'Tools' menuitem: &DownloadStudio - {4D0C4820-53F7-4d79-A2E1-5252683CF69C} - C:\Program Files\Conceiva\DownloadStudio\DownloadStudio.exe
O9 - Extra button: DownloadStudio - {7FCA7BD7-8F4D-4a81-BE72-A470F4E517D5} - C:\Program Files\Conceiva\DownloadStudio\WebDLBar.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - C:\PROGRA~1\NEOTRA~1\NTXtoolbar.htm (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.averatec.com
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} (Support.com Installer) - http://supportsoft.adelphia.net/sdccommon/...ad/tgctlins.cab
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (CEditCtrl Object) - https://img.alipay.com/download/1007/aliedit.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1156293551756
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://212.98.46.120/activex/AxisCamControl.ocx
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: DVD-RAM_Service - Matsubleepa Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Local Security (secsys) - Unknown owner - C:\WINDOWS\Cachewin\secsys.exe (file missing)
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe

--
End of file - 10245 bytes

Edited by serob, 27 May 2008 - 09:51 PM.


#6 Rahina

Rahina

    Security Helper


  • Members
  • 681 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:08:25 AM

Posted 28 May 2008 - 09:22 AM

Open notepad and copy/paste the text in the quotebox below into it: ( Please make sure you copy everything in the code box )

Folder::
C:\Program Files\QualityCodec

Driver::
Mortondrv2006

File::
C:\Program Files\Wlogs\hxdefdrv.sys

Dirlook:
C:\Program Files\Wlogs

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{BF1CED2C-4B3F-4079-A330-864EDA5A4CFF}"=-
[-HKEY_CLASSES_ROOT\clsid\{bf1ced2c-4b3f-4079-a330-864eda5a4cff}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PowerBar"=-

Save this as CFScript.txt

Posted Image

Refering to the picture above, drag CFScript.txt into ComboFix.exe

======

Please do an online scan with Kaspersky WebScanner

Click on Kaspersky Online Scanner

You will be promted to install an ActiveX component from Kaspersky, Click Yes.
  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT
  • Now click on Scan Settings
  • In the scan settings make that the following are selected:
    • Scan using the following Anti-Virus database:
    Extended (if available otherwise Standard)
    • Scan Options:
    Scan Archives
    Scan Mail Bases
  • Click OK
  • Now under select a target to scan:Select My Computer
  • This will program will start and scan your system.
  • The scan will take a while so be patient and let it run.
  • Once the scan is complete it will display if your system has been infected.
    • Now click on the Save as Text button:
  • Save the file to your desktop.
  • Copy and paste that information in your next post.
Turn off the real time scanner of any existing antivirus program while performing the online scan
Note for Internet Explorer 7 users: If at any time you have trouble with the accept button of the licence, click on the Zoom tool located at the right bottom of the IE window and set the zoom to 75 %. Once the license accepted, reset to 100%.

======

Download GMER and Unzip it to the desktop.

Unzip it and double click the gmer.exe file

Open the program and click on the Rootkit tab.
Make sure all the boxes on the right of the screen are checked, EXCEPT for €˜Show All€™.
Click on Scan.
When the scan has run click Copy and paste the results (if any) into this thread.

Edited by Rahina, 28 May 2008 - 09:24 AM.

[ Antivirus ] [ Firewall ] [ Spywareblaster ] [ Malwarebytes Anti-Malware ] [ Windows update ] [ Firefox ] [ WinPatrol ] [ ATF Cleaner ]

If i have helped you, donate to help me continue helping others. Posted Image
Posted Image Posted Image

#7 serob

serob
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:12:25 AM

Posted 30 May 2008 - 03:19 PM

RAHINA.

Combofix ran when I placed CFScript over the ComboFix icon:

the post is so long i had to attach the logs.

Thanks

I cant post GMER in the forum its 517KB long and it wont let me attach it or post it separately would take like 4 posts what can i do. should i zip it?

tnx

Attached Files



#8 serob

serob
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:12:25 AM

Posted 30 May 2008 - 03:48 PM

Zipped GMER log.

Attached Files



#9 Rahina

Rahina

    Security Helper


  • Members
  • 681 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:08:25 AM

Posted 03 June 2008 - 08:20 AM

Sorry for the delay

Please download OTMoveIt2 by OldTimer and save to your Desktop.
  • Double-click on OTMoveIt2.exe to launch the program.
  • Copy the file(s)/folder(s) paths listed below - highlight everything in the quote box and press CTRL+C or right-click and choose Copy.
  • C:\!KillBox
    C:\Deckard
    C:\Documents and Settings\Pepi\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine
    C:\Documents and Settings\Pepi\Desktop\GETCIGAR\HOSTARICA\backup-10.23.2005_12-23-31_getcigar.tar.gz
    C:\Documents and Settings\Pepi\Desktop\GETCIGAR\MILLONDEMAILS\softwares.zip
    C:\Documents and Settings\Pepi\Shared\CopyTrans Suite v1.02.rar
    C:\Documents and Settings\Pepi\Shared\entre remolinos zompopo.wm
    C:\mvxm.cmd
    C:\q.com
    C:\uq9peya.bat

  • Return to OTMoveIt2, right-click in the open text box labeled "Paste List of Files/Folders to be Moved" (under the light blue bar) and choose Paste.
  • Click the red MoveIt! button.
  • The list will be processed and the results will be displayed in the right-hand pane.
  • Highlight everything in the Results window (under the green bar), press CTRL+C or right-click, choose Copy, right-click again and Paste it in your next reply.
  • Click Exit when done.
  • A log of the results is automatically created and saved to C:\_OTMoveIt\MovedFiles \mmddyyyy_hhmmss.log <- the date/time the tool was run.
-- Note: If a file or folder cannot be moved immediately you may be asked to reboot your computer in order to finish the move process. If asked to reboot, choose Yes. If not, reboot anyway.

Caution: Be careful of what you copy and paste with this tool. OTMoveIt is a powerful program, designed to move highly persistent files and folders. Not following the directions as instructed or using incorrectly could lead to disastrous problems with your operating system.

Open up Otmoveit again and hit Cleanup! button.

Make sure original copy of combofix.exe is placed on your desktop.

Go to start > run and copy and paste next command in the field:

ComboFix /u

Make sure there's a space between Combofix and /
Then hit enter.

=====

Reset and Re-enable your System Restore to remove infected files that have been backed up by Windows. The files in System Restore are protected to prevent any programs from changing those files. This is the only way to clean these files: (You will lose all previous restore points which are likely to be infected)

1. Turn off System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.2. Restart your computer.

3. Turn ON System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
UN-Check Turn off System Restore.
Click Apply, and then click OK.

System Restore will now be active again.

How are things running now?
[ Antivirus ] [ Firewall ] [ Spywareblaster ] [ Malwarebytes Anti-Malware ] [ Windows update ] [ Firefox ] [ WinPatrol ] [ ATF Cleaner ]

If i have helped you, donate to help me continue helping others. Posted Image
Posted Image Posted Image

#10 serob

serob
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:12:25 AM

Posted 04 June 2008 - 02:53 AM

Hi Rahina,

After running the OTMoveIt2 I go the log displayed below and after that I am posting the log from the Cleanup! I completed all you requested step by step:


======================================================================


C:\!KillBox\Logs moved successfully.
C:\!KillBox moved successfully.
C:\Deckard\System Scanner\backup\WINDOWS\temp moved successfully.
C:\Deckard\System Scanner\backup\WINDOWS\Downloaded Program Files moved successfully.
C:\Deckard\System Scanner\backup\WINDOWS moved successfully.
C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\~nsu.tmp moved successfully.
C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\ZB moved successfully.
C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\WPDNSE moved successfully.
C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\VBE moved successfully.
C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\plugtmp-9 moved successfully.
C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\plugtmp-8 moved successfully.
C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\plugtmp-7 moved successfully.
C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\plugtmp-6 moved successfully.
C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\plugtmp-5 moved successfully.
C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\plugtmp-4 moved successfully.
C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\plugtmp-3 moved successfully.
C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\plugtmp-2 moved successfully.
C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\plugtmp-13 moved successfully.
C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\plugtmp-12 moved successfully.
C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\plugtmp-11 moved successfully.
C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\plugtmp-10 moved successfully.
C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\plugtmp-1 moved successfully.
C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\plugtmp moved successfully.
C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\msohtml1\01 moved successfully.
C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\msohtml1 moved successfully.
C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\msohtml moved successfully.
C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\MessengerCache moved successfully.
C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\hsperfdata_Pepi moved successfully.
C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\BTN%Copy%1\BTN%Copy%2 moved successfully.
Folder move failed. C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\BTN%Copy%1 scheduled to be moved on reboot.
C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\Adobe\Acrobat\6.0 moved successfully.
C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\Adobe\Acrobat moved successfully.
C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\Adobe moved successfully.
C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\.kmztmp moved successfully.
Folder move failed. C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp scheduled to be moved on reboot.
Folder move failed. C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1 scheduled to be moved on reboot.
Folder move failed. C:\Deckard\System Scanner\backup\DOCUME~1\Pepi scheduled to be moved on reboot.
Folder move failed. C:\Deckard\System Scanner\backup\DOCUME~1 scheduled to be moved on reboot.
Folder move failed. C:\Deckard\System Scanner\backup scheduled to be moved on reboot.
Folder move failed. C:\Deckard\System Scanner scheduled to be moved on reboot.
Folder move failed. C:\Deckard scheduled to be moved on reboot.
C:\Documents and Settings\Pepi\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine moved successfully.
C:\Documents and Settings\Pepi\Desktop\GETCIGAR\HOSTARICA\backup-10.23.2005_12-23-31_getcigar.tar.gz moved successfully.
C:\Documents and Settings\Pepi\Desktop\GETCIGAR\MILLONDEMAILS\softwares.zip moved successfully.
C:\Documents and Settings\Pepi\Shared\CopyTrans Suite v1.02.rar moved successfully.
C:\Documents and Settings\Pepi\Shared\entre remolinos zompopo.wm moved successfully.
C:\mvxm.cmd moved successfully.
C:\q.com moved successfully.
C:\uq9peya.bat moved successfully.

OTMoveIt2 by OldTimer - Version 1.0.4.2 log created on 06042008_010850

Files moved on Reboot...
C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\BTN%Copy%1\BTN%Copy%2 moved successfully.
Folder move failed. C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\BTN%Copy%1 scheduled to be moved on reboot.
C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\BTN%Copy%1\BTN%Copy%2 moved successfully.
Folder move failed. C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\BTN%Copy%1 scheduled to be moved on reboot.
Folder move failed. C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp scheduled to be moved on reboot.
C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\BTN%Copy%1\BTN%Copy%2 moved successfully.
Folder move failed. C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\BTN%Copy%1 scheduled to be moved on reboot.
Folder move failed. C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp scheduled to be moved on reboot.
Folder move failed. C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1 scheduled to be moved on reboot.
C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\BTN%Copy%1\BTN%Copy%2 moved successfully.
Folder move failed. C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\BTN%Copy%1 scheduled to be moved on reboot.
Folder move failed. C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp scheduled to be moved on reboot.
Folder move failed. C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1 scheduled to be moved on reboot.
Folder move failed. C:\Deckard\System Scanner\backup\DOCUME~1\Pepi scheduled to be moved on reboot.
C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\BTN%Copy%1\BTN%Copy%2 moved successfully.
Folder move failed. C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\BTN%Copy%1 scheduled to be moved on reboot.
Folder move failed. C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp scheduled to be moved on reboot.
Folder move failed. C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1 scheduled to be moved on reboot.
Folder move failed. C:\Deckard\System Scanner\backup\DOCUME~1\Pepi scheduled to be moved on reboot.
Folder move failed. C:\Deckard\System Scanner\backup\DOCUME~1 scheduled to be moved on reboot.
C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\BTN%Copy%1\BTN%Copy%2 moved successfully.
Folder move failed. C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\BTN%Copy%1 scheduled to be moved on reboot.
Folder move failed. C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp scheduled to be moved on reboot.
Folder move failed. C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1 scheduled to be moved on reboot.
Folder move failed. C:\Deckard\System Scanner\backup\DOCUME~1\Pepi scheduled to be moved on reboot.
Folder move failed. C:\Deckard\System Scanner\backup\DOCUME~1 scheduled to be moved on reboot.
Folder move failed. C:\Deckard\System Scanner\backup scheduled to be moved on reboot.
C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\BTN%Copy%1\BTN%Copy%2 moved successfully.
Folder move failed. C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\BTN%Copy%1 scheduled to be moved on reboot.
Folder move failed. C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp scheduled to be moved on reboot.
Folder move failed. C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1 scheduled to be moved on reboot.
Folder move failed. C:\Deckard\System Scanner\backup\DOCUME~1\Pepi scheduled to be moved on reboot.
Folder move failed. C:\Deckard\System Scanner\backup\DOCUME~1 scheduled to be moved on reboot.
Folder move failed. C:\Deckard\System Scanner\backup scheduled to be moved on reboot.
Folder move failed. C:\Deckard\System Scanner scheduled to be moved on reboot.
C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\BTN%Copy%1\BTN%Copy%2 moved successfully.
Folder move failed. C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\BTN%Copy%1 scheduled to be moved on reboot.
Folder move failed. C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp scheduled to be moved on reboot.
Folder move failed. C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1 scheduled to be moved on reboot.
Folder move failed. C:\Deckard\System Scanner\backup\DOCUME~1\Pepi scheduled to be moved on reboot.
Folder move failed. C:\Deckard\System Scanner\backup\DOCUME~1 scheduled to be moved on reboot.
Folder move failed. C:\Deckard\System Scanner\backup scheduled to be moved on reboot.
Folder move failed. C:\Deckard\System Scanner scheduled to be moved on reboot.
Folder move failed. C:\Deckard scheduled to be moved on reboot.


======================================================================

CLEANUP

======================================================================


File/Folder avenger.zip not found.
File/Folder avenger.exe not found.
File/Folder Avenger not found.
File/Folder avenger.txt not found.
File/Folder bfu.zip not found.
File/Folder BFU not found.
C:\WINDOWS\erdnt\subs folder deleted successfully.
C:\WINDOWS\erdnt\Hiv-backup\Users\00000006 folder deleted successfully.
C:\WINDOWS\erdnt\Hiv-backup\Users\00000005 folder deleted successfully.
C:\WINDOWS\erdnt\Hiv-backup\Users\00000004 folder deleted successfully.
C:\WINDOWS\erdnt\Hiv-backup\Users\00000003 folder deleted successfully.
C:\WINDOWS\erdnt\Hiv-backup\Users\00000002 folder deleted successfully.
C:\WINDOWS\erdnt\Hiv-backup\Users\00000001 folder deleted successfully.
C:\WINDOWS\erdnt\Hiv-backup\Users folder deleted successfully.
C:\WINDOWS\erdnt\Hiv-backup folder deleted successfully.
C:\WINDOWS\erdnt\dss folder deleted successfully.
C:\WINDOWS\erdnt folder deleted successfully.
C:\QooBox\Quarantine\Registry_backups folder deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers folder deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32 folder deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS folder deleted successfully.
C:\QooBox\Quarantine\C\ComboFix folder deleted successfully.
C:\QooBox\Quarantine\C folder deleted successfully.
C:\QooBox\Quarantine folder deleted successfully.
C:\QooBox\BackEnv folder deleted successfully.
C:\QooBox folder deleted successfully.
Service not present: catchme.
C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\BTN%Copy%1\BTN%Copy%2 folder deleted successfully.
C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\BTN%Copy%1 folder deleted successfully.
C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp folder deleted successfully.
C:\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1 folder deleted successfully.
C:\Deckard\System Scanner\backup\DOCUME~1\Pepi folder deleted successfully.
C:\Deckard\System Scanner\backup\DOCUME~1 folder deleted successfully.
C:\Deckard\System Scanner\backup folder deleted successfully.
C:\Deckard\System Scanner folder deleted successfully.
C:\Deckard folder deleted successfully.
C:\fixwareout\SUB folder deleted successfully.
C:\fixwareout\FindT folder deleted successfully.
C:\fixwareout folder deleted successfully.
gmer service deleted successfully.
File delete failed. C:\Documents and Settings\Pepi\Desktop\OTMoveIt2.exe scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Pepi\Desktop\OTMoveIt2.exe scheduled to be deleted on reboot.
C:\_OTMoveIt\MovedFiles\06042008_010850\Documents and Settings\Pepi\Shared folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Documents and Settings\Pepi\Desktop\GETCIGAR\MILLONDEMAILS folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Documents and Settings\Pepi\Desktop\GETCIGAR\HOSTARICA folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Documents and Settings\Pepi\Desktop\GETCIGAR folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Documents and Settings\Pepi\Desktop folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Documents and Settings\Pepi\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Documents and Settings\Pepi\Application Data\Malwarebytes\Malwarebytes' Anti-Malware folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Documents and Settings\Pepi\Application Data\Malwarebytes folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Documents and Settings\Pepi\Application Data folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Documents and Settings\Pepi folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Documents and Settings folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Deckard\System Scanner\backup\WINDOWS\temp folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Deckard\System Scanner\backup\WINDOWS\Downloaded Program Files folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Deckard\System Scanner\backup\WINDOWS folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\~nsu.tmp folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\ZB folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\WPDNSE folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\VBE folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\plugtmp-9 folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\plugtmp-8 folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\plugtmp-7 folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\plugtmp-6 folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\plugtmp-5 folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\plugtmp-4 folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\plugtmp-3 folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\plugtmp-2 folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\plugtmp-13 folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\plugtmp-12 folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\plugtmp-11 folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\plugtmp-10 folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\plugtmp-1 folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\plugtmp folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\msohtml1\01 folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\msohtml1 folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\msohtml folder deleted successfully.
File delete failed. C:\_OTMoveIt\MovedFiles\06042008_010850\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\MessengerCache\http3A2F2Fshared.live.com2F4FK9aqzvrflZGlAXJATfbfCLXTF6fG2oEtY3uxzEjo-z5!eqMLyrNr0flWLPuVb0WO2TO-wLOcKXqsOJC!CxCA2Fspain_artistic12F12.1.13472Fimg2FSmallBannerImage.jpg scheduled to be deleted on reboot.
C:\_OTMoveIt\MovedFiles\06042008_010850\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\MessengerCache folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\hsperfdata_Pepi folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\BTN%Copy%1 folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\Adobe\Acrobat\6.0 folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\Adobe\Acrobat folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\Adobe folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp\.kmztmp folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1\Temp folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Deckard\System Scanner\backup\DOCUME~1\Pepi\LOCALS~1 folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Deckard\System Scanner\backup\DOCUME~1\Pepi folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Deckard\System Scanner\backup\DOCUME~1 folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Deckard\System Scanner\backup folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Deckard\System Scanner folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\Deckard folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\!KillBox\Logs folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850\!KillBox folder deleted successfully.
C:\_OTMoveIt\MovedFiles\06042008_010850 folder deleted successfully.
C:\_OTMoveIt\MovedFiles folder deleted successfully.
C:\_OTMoveIt folder deleted successfully.
File delete failed. C:\Documents and Settings\Pepi\Desktop\OTMoveIt2.exe scheduled to be deleted on reboot.

#11 Rahina

Rahina

    Security Helper


  • Members
  • 681 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:08:25 AM

Posted 04 June 2008 - 07:49 AM

How are things running now?
[ Antivirus ] [ Firewall ] [ Spywareblaster ] [ Malwarebytes Anti-Malware ] [ Windows update ] [ Firefox ] [ WinPatrol ] [ ATF Cleaner ]

If i have helped you, donate to help me continue helping others. Posted Image
Posted Image Posted Image

#12 serob

serob
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:12:25 AM

Posted 04 June 2008 - 11:11 AM

Thank you Rahina,

Everything seems to be better now, I am not sure if the Keylogger is gone but I hope it is :-) thanks for all your help!!

#13 Rahina

Rahina

    Security Helper


  • Members
  • 681 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:08:25 AM

Posted 05 June 2008 - 03:12 AM

Please Re-scan using Kaspersky online scan and let me know the results.
[ Antivirus ] [ Firewall ] [ Spywareblaster ] [ Malwarebytes Anti-Malware ] [ Windows update ] [ Firefox ] [ WinPatrol ] [ ATF Cleaner ]

If i have helped you, donate to help me continue helping others. Posted Image
Posted Image Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users